<?php
session_start();
include 'connect_db.php';

$sql="SELECT idcarte FROM db_cartes WHERE ProduitFini=TRUE";
$result=mysql_query($sql);

while($tableau=mysql_fetch_array($result,MYSQL_ASSOC)){

    //PREVENTION DES INSERTIONS
    $temp =$_POST['qtytxt'.$tableau['idcarte'] ];
    $temp = stripslashes($temp);
    $temp = mysql_real_escape_string($temp);
    //echo $temp.'-----'.$tableau['idcarte'].'-----';

    if(temp!='0'){
        $val=intval($temp);
        if($val>0){
            $sql1= "INSERT INTO db_cart (clients_email,cartes_idcarte,qty) VALUES ('$myusername',".$tableau['idcarte'].",$val)";
            $result1=mysql_query($sql1);
            //echo $sql1;
        }
    }
}
mysql_close($link);
header("location:panier.php");
?>
